You might have better luck using kerberized rsh. Since it's kerberized, the old rule of "Don't use rsh--it's insecure" doesn't apply. http://packages.debian.org/etch/heimdal-clients